Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
5from __future__ import annotations
8def cryptography_has_set_cert_cb() -> list[str]:
9 return [
10 "SSL_CTX_set_cert_cb",
11 "SSL_set_cert_cb",
12 ]
15def cryptography_has_ssl_st() -> list[str]:
16 return [
17 "SSL_ST_BEFORE",
18 "SSL_ST_OK",
19 "SSL_ST_INIT",
20 "SSL_ST_RENEGOTIATE",
21 ]
24def cryptography_has_tls_st() -> list[str]:
25 return [
26 "TLS_ST_BEFORE",
27 "TLS_ST_OK",
28 ]
31def cryptography_has_ssl_sigalgs() -> list[str]:
32 return [
33 "SSL_CTX_set1_sigalgs_list",
34 ]
37def cryptography_has_psk() -> list[str]:
38 return [
39 "SSL_CTX_use_psk_identity_hint",
40 "SSL_CTX_set_psk_server_callback",
41 "SSL_CTX_set_psk_client_callback",
42 ]
45def cryptography_has_psk_tlsv13() -> list[str]:
46 return [
47 "SSL_CTX_set_psk_find_session_callback",
48 "SSL_CTX_set_psk_use_session_callback",
49 "Cryptography_SSL_SESSION_new",
50 "SSL_CIPHER_find",
51 "SSL_SESSION_set1_master_key",
52 "SSL_SESSION_set_cipher",
53 "SSL_SESSION_set_protocol_version",
54 ]
57def cryptography_has_custom_ext() -> list[str]:
58 return [
59 "SSL_CTX_add_client_custom_ext",
60 "SSL_CTX_add_server_custom_ext",
61 "SSL_extension_supported",
62 ]
65def cryptography_has_tlsv13_functions() -> list[str]:
66 return [
67 "SSL_CTX_set_ciphersuites",
68 ]
71def cryptography_has_tlsv13_hs_functions() -> list[str]:
72 return [
73 "SSL_VERIFY_POST_HANDSHAKE",
74 "SSL_verify_client_post_handshake",
75 "SSL_CTX_set_post_handshake_auth",
76 "SSL_set_post_handshake_auth",
77 "SSL_SESSION_get_max_early_data",
78 "SSL_write_early_data",
79 "SSL_read_early_data",
80 "SSL_CTX_set_max_early_data",
81 ]
84def cryptography_has_ssl_verify_client_post_handshake() -> list[str]:
85 return [
86 "SSL_verify_client_post_handshake",
87 ]
90def cryptography_has_engine() -> list[str]:
91 return [
92 "ENGINE_by_id",
93 "ENGINE_init",
94 "ENGINE_finish",
95 "ENGINE_get_default_RAND",
96 "ENGINE_set_default_RAND",
97 "ENGINE_unregister_RAND",
98 "ENGINE_ctrl_cmd",
99 "ENGINE_free",
100 "ENGINE_get_name",
101 "ENGINE_ctrl_cmd_string",
102 "ENGINE_load_builtin_engines",
103 "ENGINE_load_private_key",
104 "ENGINE_load_public_key",
105 "SSL_CTX_set_client_cert_engine",
106 ]
109def cryptography_has_verified_chain() -> list[str]:
110 return [
111 "SSL_get0_verified_chain",
112 ]
115def cryptography_has_srtp() -> list[str]:
116 return [
117 "SSL_CTX_set_tlsext_use_srtp",
118 "SSL_set_tlsext_use_srtp",
119 "SSL_get_selected_srtp_profile",
120 ]
123def cryptography_has_op_no_renegotiation() -> list[str]:
124 return [
125 "SSL_OP_NO_RENEGOTIATION",
126 ]
129def cryptography_has_dtls_get_data_mtu() -> list[str]:
130 return [
131 "DTLS_get_data_mtu",
132 ]
135def cryptography_has_ssl_cookie() -> list[str]:
136 return [
137 "SSL_OP_COOKIE_EXCHANGE",
138 "DTLSv1_listen",
139 "SSL_CTX_set_cookie_generate_cb",
140 "SSL_CTX_set_cookie_verify_cb",
141 ]
144def cryptography_has_prime_checks() -> list[str]:
145 return [
146 "BN_prime_checks_for_size",
147 ]
150def cryptography_has_unexpected_eof_while_reading() -> list[str]:
151 return ["SSL_R_UNEXPECTED_EOF_WHILE_READING"]
154def cryptography_has_ssl_op_ignore_unexpected_eof() -> list[str]:
155 return [
156 "SSL_OP_IGNORE_UNEXPECTED_EOF",
157 ]
160def cryptography_has_get_extms_support() -> list[str]:
161 return ["SSL_get_extms_support"]
164def cryptography_has_ssl_get0_group_name() -> list[str]:
165 return ["SSL_get0_group_name"]
168# This is a mapping of
169# {condition: function-returning-names-dependent-on-that-condition} so we can
170# loop over them and delete unsupported names at runtime. It will be removed
171# when cffi supports #if in cdef. We use functions instead of just a dict of
172# lists so we can use coverage to measure which are used.
173CONDITIONAL_NAMES = {
174 "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb,
175 "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st,
176 "Cryptography_HAS_TLS_ST": cryptography_has_tls_st,
177 "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs,
178 "Cryptography_HAS_PSK": cryptography_has_psk,
179 "Cryptography_HAS_PSK_TLSv1_3": cryptography_has_psk_tlsv13,
180 "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext,
181 "Cryptography_HAS_TLSv1_3_FUNCTIONS": cryptography_has_tlsv13_functions,
182 "Cryptography_HAS_TLSv1_3_HS_FUNCTIONS": (
183 cryptography_has_tlsv13_hs_functions
184 ),
185 "Cryptography_HAS_SSL_VERIFY_CLIENT_POST_HANDSHAKE": (
186 cryptography_has_ssl_verify_client_post_handshake
187 ),
188 "Cryptography_HAS_ENGINE": cryptography_has_engine,
189 "Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain,
190 "Cryptography_HAS_SRTP": cryptography_has_srtp,
191 "Cryptography_HAS_OP_NO_RENEGOTIATION": (
192 cryptography_has_op_no_renegotiation
193 ),
194 "Cryptography_HAS_DTLS_GET_DATA_MTU": cryptography_has_dtls_get_data_mtu,
195 "Cryptography_HAS_SSL_COOKIE": cryptography_has_ssl_cookie,
196 "Cryptography_HAS_PRIME_CHECKS": cryptography_has_prime_checks,
197 "Cryptography_HAS_UNEXPECTED_EOF_WHILE_READING": (
198 cryptography_has_unexpected_eof_while_reading
199 ),
200 "Cryptography_HAS_SSL_OP_IGNORE_UNEXPECTED_EOF": (
201 cryptography_has_ssl_op_ignore_unexpected_eof
202 ),
203 "Cryptography_HAS_GET_EXTMS_SUPPORT": cryptography_has_get_extms_support,
204 "Cryptography_HAS_SSL_GET0_GROUP_NAME": (
205 cryptography_has_ssl_get0_group_name
206 ),
207}